* [ptxdist] [PATCH v2] gnutls: Version bump. 3.7.3 -> 3.7.4.
@ 2022-04-11 19:24 Christian Melki
2022-04-22 5:35 ` [ptxdist] [APPLIED] " Michael Olbrich
0 siblings, 1 reply; 2+ messages in thread
From: Christian Melki @ 2022-04-11 19:24 UTC (permalink / raw)
To: ptxdist
Various fixes and function expansion.
Notable additions:
Certificate compression. RFC8879.
More extensive x509 sanity checking configure option. RFC5280.
https://gitlab.com/gnutls/gnutls/-/blob/master/NEWS
* Remove obsoleted configure options.
* Disable compression options.
zstd and brotli option are misspelled (configure help vs actual option).
They will be corrected in the next release.
* Disable stricter x509 checking.
Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
rules/gnutls.make | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/rules/gnutls.make b/rules/gnutls.make
index bc5d69cf0..785522c2a 100644
--- a/rules/gnutls.make
+++ b/rules/gnutls.make
@@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_GNUTLS) += gnutls
#
# Paths and names
#
-GNUTLS_VERSION := 3.7.3
-GNUTLS_MD5 := 3723d8fee66c5d45d780ca64c089ed23
+GNUTLS_VERSION := 3.7.4
+GNUTLS_MD5 := 4bce06332c525eae540bb237433d4225
GNUTLS := gnutls-$(GNUTLS_VERSION)
GNUTLS_SUFFIX := tar.xz
GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/$(GNUTLS).$(GNUTLS_SUFFIX)
@@ -53,6 +53,7 @@ GNUTLS_CONF_OPT := \
--enable-strict-der-time \
--enable-sha1-support \
--disable-ssl3-support \
+ --disable-strict-x509 \
--enable-ssl2-support \
--enable-dtls-srtp-support \
--enable-alpn-support \
@@ -70,9 +71,6 @@ GNUTLS_CONF_OPT := \
--$(call ptx/endis, PTXCONF_GNUTLS_OPENSSL)-openssl-compatibility \
--disable-tests \
--disable-fuzzer-target \
- --disable-gtk-doc \
- --disable-gtk-doc-html \
- --disable-gtk-doc-pdf \
--disable-nls \
--disable-rpath \
--disable-seccomp-tests \
@@ -90,12 +88,15 @@ GNUTLS_CONF_OPT := \
--with-nettle-mini \
--without-included-libtasn1 \
--with-included-unistring \
+ --without-libbrotli \
--without-fips140-key \
--without-idn \
--without-p11-kit \
--without-tpm2 \
--without-tpm \
--without-trousers-lib \
+ --without-zlib \
+ --without-libzstd \
--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
# ----------------------------------------------------------------------------
--
2.32.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ptxdist] [APPLIED] gnutls: Version bump. 3.7.3 -> 3.7.4.
2022-04-11 19:24 [ptxdist] [PATCH v2] gnutls: Version bump. 3.7.3 -> 3.7.4 Christian Melki
@ 2022-04-22 5:35 ` Michael Olbrich
0 siblings, 0 replies; 2+ messages in thread
From: Michael Olbrich @ 2022-04-22 5:35 UTC (permalink / raw)
To: ptxdist; +Cc: Christian Melki
Thanks, applied as 9f60cce118b1c89d7a76ef9a53fa519c932f680d.
Michael
[sent from post-receive hook]
On Fri, 22 Apr 2022 07:35:22 +0200, Christian Melki <christian.melki@t2data.com> wrote:
> Various fixes and function expansion.
> Notable additions:
> Certificate compression. RFC8879.
> More extensive x509 sanity checking configure option. RFC5280.
> https://gitlab.com/gnutls/gnutls/-/blob/master/NEWS
>
> * Remove obsoleted configure options.
> * Disable compression options.
> zstd and brotli option are misspelled (configure help vs actual option).
> They will be corrected in the next release.
> * Disable stricter x509 checking.
>
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> Message-Id: <20220411192409.3525611-1-christian.melki@t2data.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/gnutls.make b/rules/gnutls.make
> index bc5d69cf0db9..785522c2acc2 100644
> --- a/rules/gnutls.make
> +++ b/rules/gnutls.make
> @@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_GNUTLS) += gnutls
> #
> # Paths and names
> #
> -GNUTLS_VERSION := 3.7.3
> -GNUTLS_MD5 := 3723d8fee66c5d45d780ca64c089ed23
> +GNUTLS_VERSION := 3.7.4
> +GNUTLS_MD5 := 4bce06332c525eae540bb237433d4225
> GNUTLS := gnutls-$(GNUTLS_VERSION)
> GNUTLS_SUFFIX := tar.xz
> GNUTLS_URL := https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/$(GNUTLS).$(GNUTLS_SUFFIX)
> @@ -53,6 +53,7 @@ GNUTLS_CONF_OPT := \
> --enable-strict-der-time \
> --enable-sha1-support \
> --disable-ssl3-support \
> + --disable-strict-x509 \
> --enable-ssl2-support \
> --enable-dtls-srtp-support \
> --enable-alpn-support \
> @@ -70,9 +71,6 @@ GNUTLS_CONF_OPT := \
> --$(call ptx/endis, PTXCONF_GNUTLS_OPENSSL)-openssl-compatibility \
> --disable-tests \
> --disable-fuzzer-target \
> - --disable-gtk-doc \
> - --disable-gtk-doc-html \
> - --disable-gtk-doc-pdf \
> --disable-nls \
> --disable-rpath \
> --disable-seccomp-tests \
> @@ -90,12 +88,15 @@ GNUTLS_CONF_OPT := \
> --with-nettle-mini \
> --without-included-libtasn1 \
> --with-included-unistring \
> + --without-libbrotli \
> --without-fips140-key \
> --without-idn \
> --without-p11-kit \
> --without-tpm2 \
> --without-tpm \
> --without-trousers-lib \
> + --without-zlib \
> + --without-libzstd \
> --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
>
> # ----------------------------------------------------------------------------
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-04-22 5:36 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-11 19:24 [ptxdist] [PATCH v2] gnutls: Version bump. 3.7.3 -> 3.7.4 Christian Melki
2022-04-22 5:35 ` [ptxdist] [APPLIED] " Michael Olbrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox